General
Target: b2cb49e4e63b41c50e7f2f69c3cf4fea77d81507361363542f66d942e279f6b5
Size: 354KB
Sample: 220205-nagk9aagc4
MD5: bc7a9f509c9ae86dc0361845eaedf6b7
SHA1: f1d0279c7bb14e4489caecb6f97ee615958cc3b4
SHA256: b2cb49e4e63b41c50e7f2f69c3cf4fea77d81507361363542f66d942e279f6b5
SHA512: e942a1304aaeaede73e3bfbc3f60e64e4f9020109f6afa0f553b3778b26d01ed980757aa23a62961d095969ce1ff4bc98b0a8a31f4773984bad3212b57f4f948
Static task: static1
Behavioral task: behavioral1
Sample: Document#974529430157.vbs
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: Document#974529430157.vbs
Resource: win10v2004-en-20220113
Malware Config
Extracted
dridex
10555
79.137.83.50:443
173.212.212.173:3074
80.86.81.31:3389
85.25.185.155:691
Targets
Target: Document#974529430157.vbs
Size: 987KB
MD5: d3e868f6112ee5c6a414b6f3087a5276
SHA1: 2cc732a9b0620c15bebf1bbfe4b9dc8c0a22f8c9
SHA256: 72baaecfb7c235e5ecd08aa1d8d8e210edc452f230ece050e1e02badbafadf67
SHA512: 5542f7f4da1aa4684b1fef8407f81a07d20fa662ed2f94ccb9196cf77c78e7f89e4c9994c6d2b7b52c9c1aefdb608becc56b813ac49a7dc6ee41b7a5295cdf8d
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL